One of the main challenges of formal verification is the ability to
handle systems of realistic size, which is especially exacerbated in
the context of software verification. In this dissertation, we
suggest two related approaches that, while both rely on formal
method techniques, they can still be applied to larger practical
systems. The scalability is mainly achieved by restricting the types
of properties we are considering and guarantees that are given.

Our first approach is a novel run-time monitoring framework. Unlike
previous work on this topic, we expect the properties to be
specified using Property Specification Language (PSL). PSL is a
newly adopted IEEE P1850 standard and is an extension of Linear
Temporal Logic (LTL). The new features include regular expressions
and finite trace semantics, which make the new logic very attractive
for run-time monitoring of both software and hardware designs. To
facilitate the new logic we have extended the existing algorithm for
LTL tester construction to cover the PSL specific operators. Another
novelty of our approach is the ability to use partial information
about the program that is being monitored while the existing tools
only use the information about the observed trace and the property
under consideration. This allows going beyond the focus of
traditional run-time monitoring tools -- error detection in the
execution trace, towards the focus of static analysis -- bug
detection in programs.

In our second approach, we employ static analysis to compute
SAT-based function summaries to detect invalid pointer accesses. To
compute function summaries, we propose new techniques for improving
the precision and performance in order to reduce the false error
rates. In particular, we use BDDs to represent a symbolic simulation
of functions, where BDDs allow an efficient representation of
path-sensitive information and high level simplification. In
addition, we use light-weight range analysis technique for
determining lower and upper bounds for program variables, which can
further offload the work form the SAT solver. Note that while in our
current implementation the analysis happens at compile time, we can
also use the function summaries as a basis for run-time monitoring.